Tuesday, October 30, 2012

AWS API How To

Dealing with the Amazon Web Services API could be frustrating for a beginner. Here you are a small example that will help you to start with.

Some concepts:
The AWS API is a resource that could be accessed from everywhere by an authenticated application to manage all kind of elements into the AWS infrastructure. You can create a new EC2 instance, manage the contents of your S3 Bucket, modify an alarm in Cloudwatch, etc. (the "programmable data center" concept). You could either create your own application to interact with the AWS API (example: create and Smartphone App to Start/Stop your EC2 instances) or you could use someone else application to do that (That's what I do). Amazon Web Services provides a convenient ready-to-use command line tools to use their API.
There are different API methods inside the AWS cloud and different methods of authentication. Currently, the official way to authenticate is using you Access Key and the Secret Key and the Certificate authentication is now obsolete.By defaultall API calls are directed to the us-east-1Region (N.Virgina).

First Step:
Deploy an EC2 instance using the Amazon Linux AMI. The basic AWS Linux AMI includes command line tools to interact with the previous mentioned APIs (and others). You still have the option to download those command line tools and use them from your laptop but to use this preconfigured AMI is the easiest way to start.

This is a list of the current APIs included in EC2 Amazon Linux and its versions:

Credentials for EC2 API command line tools:
(Logged with root) Export the variables AWS_ACCESS_KEY and AWS_SECRET_KEY with your credentials and test the configuration with a simple EC2 command like ec2-desbribe-regionsThe Access Key and the Secret Key are obtained when you create a new user using the IAM console. You have an example of creating a new user in this article. Please note you will need a user with admin privileges to interact with AWS API.

Credentials for Auto Scaling, Cloudwatch, RDS and ELB API command line tools:
- Create a text file with this name and path: /opt/aws/apitools/mon/credential-file-path.template with the following contents: